Lucene search
K

1620 matches found

Securelist
Securelist
added 2026/03/18 11:0 a.m.19 views

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Introduction In this installment of our SOC Files series, we will walk you through a targeted campaign that our MDR team identified and hunted down a few months ago. It involves a threat known as Horabot , a bundle consisting of an infamous banking Trojan, an email spreader, and a notably complex...

6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/17 8:20 p.m.4 views

CVE-2026-2809 Endpoint DLP Driver DLL

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...

6.7CVSS5.8AI score0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.16 views

PT-2026-41035

Name of the Vulnerable Software and Affected Versions Portainer versions 2.33.0 through 2.33.7 Portainer versions 2.39.0 through 2.39.1 Portainer versions 2.40.0 through 2.40.x Portainer versions prior to 2.33.0 Description An authorization bypass exists in the Docker API proxy layer where plugin...

9.4CVSS6AI score0.00328EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.17 views

PT-2026-41036

Name of the Vulnerable Software and Affected Versions Portainer Community Edition versions 2.33.0 through 2.33.7 Portainer Community Edition versions 2.39.0 through 2.39.1 Portainer Community Edition versions 2.40.0 through 2.40.x Portainer Community Edition versions prior to 2.33.0 Description...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References15
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/04 1:40 a.m.21 views

Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026)

Overview Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. Impact Remote code execution due to a directory traversal vulnerability...

9.8CVSS7.8AI score0.03811EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.11 views

Trellix Endpoint Security HX 安全漏洞

Trellix Endpoint Security HX is a endpoint detection and response software developed by the American company Trellix. There is a security vulnerability in Trellix Endpoint Security HX, which stems from a flaw in the fekern.sys driver file, potentially leading to privilege escalation...

7.8CVSS5.8AI score0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/18 2:53 p.m.3 views

CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

5.1AI score0.00118EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/02/18 2:53 p.m.6 views

CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

5.5CVSS5.2AI score0.00118EPSS
Exploits0
CVE
CVE
added 2026/02/09 11:5 p.m.16 views

CVE-2025-15313

Technical details about CVE-2025-15313 are not publicly available in the provided documents; the records only indicate Tanium EUSS arbitrary file deletion was addressed. Monitor for updates.

7.1CVSS5.6AI score0.00173EPSS
Exploits0References1Affected Software1
Packet Storm News
Packet Storm News
added 2026/02/09 12:0 a.m.5 views

Framework for Integrating Zero Trust in Cloud-Based Endpoint Security for Critical Infrastructure

Cyber threats have become highly sophisticated, prompting a heightened concern for endpoint security, especially in critical infrastructure, to new heights. A security model, such as Zero Trust Architecture ZTA, is required to overcome this challenge. ZTA treats every access request as new and...

5.6AI score
Exploits0
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.7 views

Tanium Threat Response 安全漏洞

Tanium Threat Response is a core security module for endpoint detection and response developed by the American company Tanium. Tanium Threat Response has a security vulnerability, which stems from information leakage...

4.9CVSS5.8AI score0.00326EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/30 2:32 p.m.3 views

CVE-2026-1684

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

6.9CVSS5.5AI score0.00504EPSS
Exploits1References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.8 views

CVE-2018-19367

Portainer through 1.19.2 provides an API endpoint /api/users/admin/check to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case...

9.8CVSS6.9AI score0.01469EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.14 views

CVE-2021-31856

A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint order parameter in GetMesheryPatterns in models/mesherypatternpersister.go...

9.8CVSS8.6AI score0.75384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.6 views

CVE-2022-38777

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account...

7.8CVSS6.9AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.11 views

CVE-2022-26699

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:8 a.m.10 views

CVE-2020-7251

Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security ENS Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS...

5.5CVSS6.7AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.6 views

CVE-2020-7308

Cleartext Transmission of Sensitive Information between McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence GTI servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining...

6.5CVSS7.1AI score0.00509EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 9:46 p.m.5 views

GHSA-G59M-GF8J-GJF5 AWS SDK for Rust v1 adopted defense in depth enhancement for region parameter value

Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...

3.7CVSS5.7AI score
Exploits0References4
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock 24.1 and prior versions 24.1.x, 24.2.8 and prior versions 24.2.8, and 25.1.6 and prior versions 24.1.x. The vulnerability stems from an agent that creates files and...

8.4CVSS6.7AI score0.00097EPSS
Exploits0References1
Rows per page
Query Builder